The decades-old technology used to manage the power grid is vulnerable to manipulation or sabotage, according to a study revealed this week.
Attackers could manipulate power-grid data by breaking into substations and intercepting communications between substations, grid operators, and electricity suppliers. This data is used by grid operators to set prices for electricity and to balance supply and demand, the researchers say. Grid hackers could make millions of dollars at the expense of electricity consumers by influencing electricity markets. They could also make the grid unstable, causing blackouts.
The attacks would be difficult to trace, according to Le Xie, an assistant professor of electrical and computer engineering at Texas A&M University, speaking at the IEEE SmartGridComm2010 conference in Gaithersburg, Maryland, this week. Vulnerabilities have existed in some grid systems for decades. But the threat is becoming worse as more substations become automated, and unmanned, making it easier for an attacker to access grid data. As utilities move over to open communications standards, as part of the migration to the "smart grid," it could get even easier to intercept communications or hack into systems remotely.
Electric-grid operators forecast supply and demand a day ahead of time, and set prices for customers in different places in accordance. This helps keep supply steady and the grid stable. Power generators then allocate their resources based on this predicted demand and pricing. After they've supplied the electricity, the operators settle the accounts by looking at exactly how much power was generated by whom, and how it was distributed. Xie and colleagues say this data is vulnerable to manipulation. Attackers could tap into the communications lines between the substations and grid operators, and inject false information. If they're careful, the new data will seem like ordinary fluctuations on the grid.